class LoginController < ApplicationController
#  before_filter :authorize, :except => :login
  layout "login_layout"
  
    def login
    session[:user_id] = nil
    session[:account]= nil
    session[:user_type] = nil
    if request.post? 
      user = User.authenticate(params[:account], params[:password], params[:identity])
      if user
        case params[:identity]
        when "student"
          session[:user_type] = "student"
        when "teacher"
          session[:user_type] = "teacher"
        when "administrator"
          session[:user_type] = "administrator"
        end
        
        session[:user_id] = user.id
        session[:account] = user.account
        redirect_to(:controller =>"welcome", :action => "welcome")
        
      else
        flash.now[:notice] = "Invalid name/password/usertype combination!"
      end
    
    end
    
    end
    
  
  def logout
    #session[:user_type]=nil
    session[:account] = nil
    session[:student_id]=nil
    flash[:notice] = "Logged out"
    redirect_to(:action => "login")
  end
end
